@globus/sdk 2.4.1 → 3.0.0-alpha.10

package/esm/lib/core/authorization/AuthorizationManager.d.ts

@@ -0,0 +1,95 @@
+import type IConfig from 'js-pkce/dist/IConfig';
+import { Token, TokenResponse } from '../../services/auth/index.js';
+import { Event } from './Event.js';
+import { TokenLookup } from './TokenLookup.js';
+import { AuthorizationRequirementsError, ConsentRequiredError } from '../errors.js';
+export type AuthorizationManagerConfiguration = {
+    client_id: IConfig['client_id'];
+    requested_scopes: IConfig['requested_scopes'];
+    redirect_uri: IConfig['redirect_uri'];
+};
+/**
+ * @experimental
+ */
+export declare class AuthorizationManager {
+    #private;
+    configuration: AuthorizationManagerConfiguration;
+    /**
+     * The `AuthorizationManager` is consdiered `authenticated` if it has a valid Globus Auth token.
+     * It does not necessarily mean that it has a valid token for a specific resource server.
+     */
+    get authenticated(): boolean;
+    /**
+     * Set the authenticated state and emit the `authenticated` event.
+     */
+    set authenticated(value: boolean);
+    tokens: TokenLookup;
+    events: {
+        /**
+         * Emitted when the authenticated state changes.
+         * @event AuthorizationManager.events#authenticated
+         * @type {object}
+         * @property {boolean} isAuthenticated - Whether the `AuthorizationManager` is authenticated.
+         * @property {TokenResponse} [token] - The token response if the `AuthorizationManager` is authenticated.
+         */
+        authenticated: Event<"authenticated", {
+            /**
+             * Whether the `AuthorizationManager` is authenticated.
+             * @see {@link AuthorizationManager.authenticated}
+             */
+            isAuthenticated: boolean;
+            token?: TokenResponse | undefined;
+        }>;
+        /**
+         * Emitted when the user revokes their authentication.
+         * @event AuthorizationManager.events#revoke
+         */
+        revoke: Event<"revoke", unknown>;
+    };
+    constructor(configuration: AuthorizationManagerConfiguration);
+    startSilentRenew(): void;
+    hasGlobusAuthToken(): boolean;
+    getGlobusAuthToken(): any;
+    /**
+     * Reset the authenticated state and clear all tokens from storage.
+     * This method **does not** emit the `revoke` event. If you need to emit the `revoke` event, use the `AuthorizationManager.revoke` method.
+     */
+    reset(): void;
+    /**
+     * Initiate the login process by redirecting to the Globus Auth login page.
+     */
+    login(): void;
+    handleCodeRedirect(): Promise<void>;
+    /**
+     * Handle an error response from a Globus service in the context of this `AuthorizationManager`.
+     * This method will introspect the response and attempt to handle any errors that should result
+     * in some additional Globus Auth interaction.
+     * @param response - The error response from a Globus service.
+     * @param execute - Whether to execute the handler immediately or return a function that can be executed later.
+     */
+    handleErrorResponse(response: Record<string, unknown>, execute?: true): void;
+    handleErrorResponse(response: Record<string, unknown>, execute?: false): () => void;
+    /**
+     * Process a well-formed Authorization Requirements error response from a Globus service
+     * and redirect the user to the Globus Auth login page with the necessary parameters.
+     */
+    handleAuthorizationRequirementsError(response: AuthorizationRequirementsError): void;
+    /**
+     * Process a well-formed `ConsentRequired` error response from a Globus service
+     * and redirect the user to the Globus Auth login page with the necessary parameters.
+     */
+    handleConsentRequiredError(response: ConsentRequiredError): void;
+    /**
+     * Add a Globus Auth token response to storage, if `other_tokens` are present they are also added.
+     * This method is mostly used internally by the `AuthorizationManager`, but can be used by downstream
+     * consumers to add tokens to storage if necessary.
+     */
+    addTokenResponse: (token: Token | TokenResponse) => void;
+    /**
+     * Call `AuthroizationManager.reset` and emit the `revoke` event.
+     * @emits AuthorizationManager.events#revoke
+     * @see AuthorizationManager.reset
+     */
+    revoke(): Promise<void>;
+}
+//# sourceMappingURL=AuthorizationManager.d.ts.map

package/esm/lib/core/authorization/AuthorizationManager.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AuthorizationManager.d.ts","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/AuthorizationManager.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,OAAO,MAAM,sBAAsB,CAAC;AAEhD,OAAO,EACL,KAAK,EACL,aAAa,EAId,MAAM,8BAA8B,CAAC;AAKtC,OAAO,EAAE,KAAK,EAAE,MAAM,YAAY,CAAC;AAEnC,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAE/C,OAAO,EAGL,8BAA8B,EAC9B,oBAAoB,EACrB,MAAM,cAAc,CAAC;AAEtB,MAAM,MAAM,iCAAiC,GAAG;IAC9C,SAAS,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC;IAChC,gBAAgB,EAAE,OAAO,CAAC,kBAAkB,CAAC,CAAC;IAC9C,YAAY,EAAE,OAAO,CAAC,cAAc,CAAC,CAAC;CACvC,CAAC;AAEF;;GAEG;AACH,qBAAa,oBAAoB;;IAG/B,aAAa,EAAE,iCAAiC,CAAC;IAIjD;;;OAGG;IACH,IAAI,aAAa,IAOQ,OAAO,CAL/B;IAED;;OAEG;IACH,IAAI,aAAa,CAAC,KAAK,EAAE,OAAO,EAG/B;IAED,MAAM,EAAE,WAAW,CAAC;IAEpB,MAAM;QACJ;;;;;;WAMG;;YAIC;;;eAGG;6BACc,OAAO;;;QAI5B;;;WAGG;;MAEH;gBAEU,aAAa,EAAE,iCAAiC;IAsB5D,gBAAgB;IAMhB,kBAAkB;IAIlB,kBAAkB;IA0BlB;;;OAGG;IACH,KAAK;IAmBL;;OAEG;IACH,KAAK;IASC,kBAAkB;IASxB;;;;;;OAMG;IACH,mBAAmB,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,OAAO,CAAC,EAAE,IAAI,GAAG,IAAI;IAC5E,mBAAmB,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,OAAO,CAAC,EAAE,KAAK,GAAG,MAAM,IAAI;IAyBnF;;;OAGG;IACH,oCAAoC,CAAC,QAAQ,EAAE,8BAA8B;IAe7E;;;OAGG;IACH,0BAA0B,CAAC,QAAQ,EAAE,oBAAoB;IAOzD;;;;OAIG;IACH,gBAAgB,UAAW,KAAK,GAAG,aAAa,UAM9C;IAEF;;;;OAIG;IACG,MAAM;CAIb"}

package/esm/lib/core/authorization/AuthorizationManager.js

@@ -0,0 +1,198 @@
+var _AuthorizationManager_instances, _AuthorizationManager_transport, _AuthorizationManager_authenticated, _AuthorizationManager_checkAuthorizationState, _AuthorizationManager_bootstrapFromStorageState, _AuthorizationManager_emitAuthenticatedState, _AuthorizationManager_buildTransport;
+import { __awaiter, __classPrivateFieldGet, __classPrivateFieldSet } from "tslib";
+import { getAuthorizationEndpoint, getTokenEndpoint, isGlobusAuthTokenResponse, } from '../../services/auth/index.js';
+import { createStorage, getStorage } from '../storage/index.js';
+import { log } from '../logger.js';
+import { Event } from './Event.js';
+import { RedirectTransport } from './RedirectTransport.js';
+import { TokenLookup } from './TokenLookup.js';
+import { isConsentRequiredError, isAuthorizationRequirementsError, } from '../errors.js';
+/**
+ * @experimental
+ */
+export class AuthorizationManager {
+    /**
+     * The `AuthorizationManager` is consdiered `authenticated` if it has a valid Globus Auth token.
+     * It does not necessarily mean that it has a valid token for a specific resource server.
+     */
+    get authenticated() {
+        return __classPrivateFieldGet(this, _AuthorizationManager_authenticated, "f");
+    }
+    /**
+     * Set the authenticated state and emit the `authenticated` event.
+     */
+    set authenticated(value) {
+        __classPrivateFieldSet(this, _AuthorizationManager_authenticated, value, "f");
+        __classPrivateFieldGet(this, _AuthorizationManager_instances, "m", _AuthorizationManager_emitAuthenticatedState).call(this);
+    }
+    constructor(configuration) {
+        _AuthorizationManager_instances.add(this);
+        _AuthorizationManager_transport.set(this, void 0);
+        _AuthorizationManager_authenticated.set(this, false);
+        this.events = {
+            /**
+             * Emitted when the authenticated state changes.
+             * @event AuthorizationManager.events#authenticated
+             * @type {object}
+             * @property {boolean} isAuthenticated - Whether the `AuthorizationManager` is authenticated.
+             * @property {TokenResponse} [token] - The token response if the `AuthorizationManager` is authenticated.
+             */
+            authenticated: new Event('authenticated'),
+            /**
+             * Emitted when the user revokes their authentication.
+             * @event AuthorizationManager.events#revoke
+             */
+            revoke: new Event('revoke'),
+        };
+        /**
+         * Add a Globus Auth token response to storage, if `other_tokens` are present they are also added.
+         * This method is mostly used internally by the `AuthorizationManager`, but can be used by downstream
+         * consumers to add tokens to storage if necessary.
+         */
+        this.addTokenResponse = (token) => {
+            getStorage().set(`${this.configuration.client_id}:${token.resource_server}`, token);
+            if ('other_tokens' in token) {
+                token.other_tokens.forEach(this.addTokenResponse);
+            }
+            __classPrivateFieldGet(this, _AuthorizationManager_instances, "m", _AuthorizationManager_checkAuthorizationState).call(this);
+        };
+        /**
+         * @todo Add support for passing in an alternative storage mechanism.
+         */
+        createStorage('localStorage');
+        if (!configuration.client_id) {
+            throw new Error('You must provide a `client_id` for your application.');
+        }
+        this.configuration = Object.assign(Object.assign({}, configuration), { 
+            /**
+             * Inject the `openid`, `profile`, `email`, and `offline_access` scopes by default.
+             */
+            requested_scopes: `${configuration.requested_scopes} openid profile email offline_access` });
+        this.tokens = new TokenLookup({
+            manager: this,
+        });
+        this.startSilentRenew();
+    }
+    startSilentRenew() {
+        log('debug', 'AuthorizationManager.startSilentRenew');
+        __classPrivateFieldGet(this, _AuthorizationManager_instances, "m", _AuthorizationManager_bootstrapFromStorageState).call(this);
+        // @todo Iterate through all tokens and refresh them.
+    }
+    hasGlobusAuthToken() {
+        return this.getGlobusAuthToken() !== null;
+    }
+    getGlobusAuthToken() {
+        const entry = getStorage().get(`${this.configuration.client_id}:auth.globus.org`);
+        return entry ? JSON.parse(entry) : null;
+    }
+    /**
+     * Reset the authenticated state and clear all tokens from storage.
+     * This method **does not** emit the `revoke` event. If you need to emit the `revoke` event, use the `AuthorizationManager.revoke` method.
+     */
+    reset() {
+        /**
+         * @todo This should be made specific to the keys generated by the `AuthorizationManager`.
+         */
+        getStorage().clear();
+        this.authenticated = false;
+    }
+    /**
+     * Initiate the login process by redirecting to the Globus Auth login page.
+     */
+    login() {
+        this.reset();
+        /**
+         * In the future, it's possible that we may want to support different types of transports.
+         */
+        const transport = __classPrivateFieldGet(this, _AuthorizationManager_instances, "m", _AuthorizationManager_buildTransport).call(this);
+        transport.send();
+    }
+    handleCodeRedirect() {
+        return __awaiter(this, void 0, void 0, function* () {
+            log('debug', 'AuthorizationManager.handleCodeRedirect');
+            const response = yield __classPrivateFieldGet(this, _AuthorizationManager_instances, "m", _AuthorizationManager_buildTransport).call(this).getToken();
+            if (isGlobusAuthTokenResponse(response)) {
+                log('debug', `AuthorizationManager.handleCodeRedirect | response=${response}`);
+                this.addTokenResponse(response);
+            }
+        });
+    }
+    handleErrorResponse(response, execute = true) {
+        log('debug', `AuthorizationManager.handleErrorResponse | response=${response} execute=${execute}`);
+        let handler = () => { };
+        if (isAuthorizationRequirementsError(response)) {
+            log('debug', 'AuthorizationManager.handleErrorResponse | error=AuthorizationRequirementsError');
+            handler = () => this.handleAuthorizationRequirementsError(response);
+        }
+        if (isConsentRequiredError(response)) {
+            log('debug', 'AuthorizationManager.handleErrorResponse | error=ConsentRequiredError');
+            handler = () => this.handleConsentRequiredError(response);
+        }
+        if ('code' in response && response['code'] === 'AuthenticationFailed') {
+            log('debug', 'AuthorizationManager.handleErrorResponse | error=AuthenticationFailed');
+            handler = () => this.revoke();
+        }
+        return execute === true ? handler() : handler;
+    }
+    /**
+     * Process a well-formed Authorization Requirements error response from a Globus service
+     * and redirect the user to the Globus Auth login page with the necessary parameters.
+     */
+    handleAuthorizationRequirementsError(response) {
+        __classPrivateFieldSet(this, _AuthorizationManager_transport, __classPrivateFieldGet(this, _AuthorizationManager_instances, "m", _AuthorizationManager_buildTransport).call(this, {
+            params: {
+                session_message: response.authorization_parameters.session_message,
+                session_required_identities: response.authorization_parameters.session_required_identities.join(','),
+                session_required_mfa: response.authorization_parameters.session_required_mfa,
+                session_required_single_domain: response.authorization_parameters.session_required_single_domain.join(','),
+                prompt: 'login',
+            },
+        }), "f");
+        __classPrivateFieldGet(this, _AuthorizationManager_transport, "f").send();
+    }
+    /**
+     * Process a well-formed `ConsentRequired` error response from a Globus service
+     * and redirect the user to the Globus Auth login page with the necessary parameters.
+     */
+    handleConsentRequiredError(response) {
+        __classPrivateFieldSet(this, _AuthorizationManager_transport, __classPrivateFieldGet(this, _AuthorizationManager_instances, "m", _AuthorizationManager_buildTransport).call(this, {
+            requested_scopes: response.required_scopes.join(' '),
+        }), "f");
+        __classPrivateFieldGet(this, _AuthorizationManager_transport, "f").send();
+    }
+    /**
+     * Call `AuthroizationManager.reset` and emit the `revoke` event.
+     * @emits AuthorizationManager.events#revoke
+     * @see AuthorizationManager.reset
+     */
+    revoke() {
+        return __awaiter(this, void 0, void 0, function* () {
+            this.reset();
+            yield this.events.revoke.dispatch();
+        });
+    }
+}
+_AuthorizationManager_transport = new WeakMap(), _AuthorizationManager_authenticated = new WeakMap(), _AuthorizationManager_instances = new WeakSet(), _AuthorizationManager_checkAuthorizationState = function _AuthorizationManager_checkAuthorizationState() {
+    log('debug', 'AuthorizationManager.#checkAuthorizationState');
+    if (this.hasGlobusAuthToken()) {
+        this.authenticated = true;
+    }
+}, _AuthorizationManager_bootstrapFromStorageState = function _AuthorizationManager_bootstrapFromStorageState() {
+    return __awaiter(this, void 0, void 0, function* () {
+        log('debug', 'AuthorizationManager.bootstrapFromStorageState');
+        __classPrivateFieldGet(this, _AuthorizationManager_instances, "m", _AuthorizationManager_checkAuthorizationState).call(this);
+    });
+}, _AuthorizationManager_emitAuthenticatedState = function _AuthorizationManager_emitAuthenticatedState() {
+    return __awaiter(this, void 0, void 0, function* () {
+        var _a;
+        const isAuthenticated = this.authenticated;
+        const token = (_a = this.getGlobusAuthToken()) !== null && _a !== void 0 ? _a : undefined;
+        yield this.events.authenticated.dispatch({
+            isAuthenticated,
+            token,
+        });
+    });
+}, _AuthorizationManager_buildTransport = function _AuthorizationManager_buildTransport(overrides) {
+    return new RedirectTransport(Object.assign({ client_id: this.configuration.client_id, authorization_endpoint: getAuthorizationEndpoint(), token_endpoint: getTokenEndpoint(), redirect_uri: this.configuration.redirect_uri, requested_scopes: this.configuration.requested_scopes }, overrides));
+};
+//# sourceMappingURL=AuthorizationManager.js.map

package/esm/lib/core/authorization/AuthorizationManager.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"AuthorizationManager.js","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/AuthorizationManager.ts"],"names":[],"mappings":";;AAEA,OAAO,EAGL,wBAAwB,EACxB,gBAAgB,EAChB,yBAAyB,GAC1B,MAAM,8BAA8B,CAAC;AAEtC,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAChE,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AAEnC,OAAO,EAAE,KAAK,EAAE,MAAM,YAAY,CAAC;AACnC,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAC3D,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAE/C,OAAO,EACL,sBAAsB,EACtB,gCAAgC,GAGjC,MAAM,cAAc,CAAC;AAQtB;;GAEG;AACH,MAAM,OAAO,oBAAoB;IAO/B;;;OAGG;IACH,IAAI,aAAa;QACf,OAAO,uBAAA,IAAI,2CAAe,CAAC;IAC7B,CAAC;IAED;;OAEG;IACH,IAAI,aAAa,CAAC,KAAc;QAC9B,uBAAA,IAAI,uCAAkB,KAAK,MAAA,CAAC;QAC5B,uBAAA,IAAI,qFAAwB,MAA5B,IAAI,CAA0B,CAAC;IACjC,CAAC;IA8BD,YAAY,aAAgD;;QAlD5D,kDAA+B;QAI/B,8CAAiB,KAAK,EAAC;QAoBvB,WAAM,GAAG;YACP;;;;;;eAMG;YACH,aAAa,EAAE,IAAI,KAAK,CAUtB,eAAe,CAAC;YAClB;;;eAGG;YACH,MAAM,EAAE,IAAI,KAAK,CAAC,QAAQ,CAAC;SAC5B,CAAC;QAuKF;;;;WAIG;QACH,qBAAgB,GAAG,CAAC,KAA4B,EAAE,EAAE;YAClD,UAAU,EAAE,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,aAAa,CAAC,SAAS,IAAI,KAAK,CAAC,eAAe,EAAE,EAAE,KAAK,CAAC,CAAC;YACpF,IAAI,cAAc,IAAI,KAAK,EAAE,CAAC;gBAC5B,KAAK,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YACpD,CAAC;YACD,uBAAA,IAAI,sFAAyB,MAA7B,IAAI,CAA2B,CAAC;QAClC,CAAC,CAAC;QA/KA;;WAEG;QACH,aAAa,CAAC,cAAc,CAAC,CAAC;QAC9B,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;QAC1E,CAAC;QACD,IAAI,CAAC,aAAa,mCACb,aAAa;YAChB;;eAEG;YACH,gBAAgB,EAAE,GAAG,aAAa,CAAC,gBAAgB,sCAAsC,GAC1F,CAAC;QAEF,IAAI,CAAC,MAAM,GAAG,IAAI,WAAW,CAAC;YAC5B,OAAO,EAAE,IAAI;SACd,CAAC,CAAC;QACH,IAAI,CAAC,gBAAgB,EAAE,CAAC;IAC1B,CAAC;IAED,gBAAgB;QACd,GAAG,CAAC,OAAO,EAAE,uCAAuC,CAAC,CAAC;QACtD,uBAAA,IAAI,wFAA2B,MAA/B,IAAI,CAA6B,CAAC;QAClC,qDAAqD;IACvD,CAAC;IAED,kBAAkB;QAChB,OAAO,IAAI,CAAC,kBAAkB,EAAE,KAAK,IAAI,CAAC;IAC5C,CAAC;IAED,kBAAkB;QAChB,MAAM,KAAK,GAAG,UAAU,EAAE,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,aAAa,CAAC,SAAS,kBAAkB,CAAC,CAAC;QAClF,OAAO,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAC1C,CAAC;IAuBD;;;OAGG;IACH,KAAK;QACH;;WAEG;QACH,UAAU,EAAE,CAAC,KAAK,EAAE,CAAC;QACrB,IAAI,CAAC,aAAa,GAAG,KAAK,CAAC;IAC7B,CAAC;IAaD;;OAEG;IACH,KAAK;QACH,IAAI,CAAC,KAAK,EAAE,CAAC;QACb;;WAEG;QACH,MAAM,SAAS,GAAG,uBAAA,IAAI,6EAAgB,MAApB,IAAI,CAAkB,CAAC;QACzC,SAAS,CAAC,IAAI,EAAE,CAAC;IACnB,CAAC;IAEK,kBAAkB;;YACtB,GAAG,CAAC,OAAO,EAAE,yCAAyC,CAAC,CAAC;YACxD,MAAM,QAAQ,GAAG,MAAM,uBAAA,IAAI,6EAAgB,MAApB,IAAI,CAAkB,CAAC,QAAQ,EAAE,CAAC;YACzD,IAAI,yBAAyB,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACxC,GAAG,CAAC,OAAO,EAAE,sDAAsD,QAAQ,EAAE,CAAC,CAAC;gBAC/E,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;YAClC,CAAC;QACH,CAAC;KAAA;IAWD,mBAAmB,CAAC,QAAiC,EAAE,OAAO,GAAG,IAAI;QACnE,GAAG,CACD,OAAO,EACP,uDAAuD,QAAQ,YAAY,OAAO,EAAE,CACrF,CAAC;QACF,IAAI,OAAO,GAAG,GAAG,EAAE,GAAE,CAAC,CAAC;QACvB,IAAI,gCAAgC,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC/C,GAAG,CACD,OAAO,EACP,iFAAiF,CAClF,CAAC;YACF,OAAO,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,oCAAoC,CAAC,QAAQ,CAAC,CAAC;QACtE,CAAC;QACD,IAAI,sBAAsB,CAAC,QAAQ,CAAC,EAAE,CAAC;YACrC,GAAG,CAAC,OAAO,EAAE,uEAAuE,CAAC,CAAC;YACtF,OAAO,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,0BAA0B,CAAC,QAAQ,CAAC,CAAC;QAC5D,CAAC;QACD,IAAI,MAAM,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM,CAAC,KAAK,sBAAsB,EAAE,CAAC;YACtE,GAAG,CAAC,OAAO,EAAE,uEAAuE,CAAC,CAAC;YACtF,OAAO,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;QAChC,CAAC;QACD,OAAO,OAAO,KAAK,IAAI,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC;IAChD,CAAC;IAED;;;OAGG;IACH,oCAAoC,CAAC,QAAwC;QAC3E,uBAAA,IAAI,mCAAc,uBAAA,IAAI,6EAAgB,MAApB,IAAI,EAAiB;YACrC,MAAM,EAAE;gBACN,eAAe,EAAE,QAAQ,CAAC,wBAAwB,CAAC,eAAe;gBAClE,2BAA2B,EACzB,QAAQ,CAAC,wBAAwB,CAAC,2BAA2B,CAAC,IAAI,CAAC,GAAG,CAAC;gBACzE,oBAAoB,EAAE,QAAQ,CAAC,wBAAwB,CAAC,oBAAoB;gBAC5E,8BAA8B,EAC5B,QAAQ,CAAC,wBAAwB,CAAC,8BAA8B,CAAC,IAAI,CAAC,GAAG,CAAC;gBAC5E,MAAM,EAAE,OAAO;aAChB;SACF,CAAC,MAAA,CAAC;QACH,uBAAA,IAAI,uCAAW,CAAC,IAAI,EAAE,CAAC;IACzB,CAAC;IAED;;;OAGG;IACH,0BAA0B,CAAC,QAA8B;QACvD,uBAAA,IAAI,mCAAc,uBAAA,IAAI,6EAAgB,MAApB,IAAI,EAAiB;YACrC,gBAAgB,EAAE,QAAQ,CAAC,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC;SACrD,CAAC,MAAA,CAAC;QACH,uBAAA,IAAI,uCAAW,CAAC,IAAI,EAAE,CAAC;IACzB,CAAC;IAeD;;;;OAIG;IACG,MAAM;;YACV,IAAI,CAAC,KAAK,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;QACtC,CAAC;KAAA;CACF;;IArJG,GAAG,CAAC,OAAO,EAAE,+CAA+C,CAAC,CAAC;IAC9D,IAAI,IAAI,CAAC,kBAAkB,EAAE,EAAE,CAAC;QAC9B,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC;IAC5B,CAAC;AACH,CAAC;;QAGC,GAAG,CAAC,OAAO,EAAE,gDAAgD,CAAC,CAAC;QAC/D,uBAAA,IAAI,sFAAyB,MAA7B,IAAI,CAA2B,CAAC;IAClC,CAAC;;;;QAGC,MAAM,eAAe,GAAG,IAAI,CAAC,aAAa,CAAC;QAC3C,MAAM,KAAK,GAAG,MAAA,IAAI,CAAC,kBAAkB,EAAE,mCAAI,SAAS,CAAC;QACrD,MAAM,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,QAAQ,CAAC;YACvC,eAAe;YACf,KAAK;SACN,CAAC,CAAC;IACL,CAAC;wFAce,SAAuE;IACrF,OAAO,IAAI,iBAAiB,iBAC1B,SAAS,EAAE,IAAI,CAAC,aAAa,CAAC,SAAS,EACvC,sBAAsB,EAAE,wBAAwB,EAAE,EAClD,cAAc,EAAE,gBAAgB,EAAE,EAClC,YAAY,EAAE,IAAI,CAAC,aAAa,CAAC,YAAY,EAC7C,gBAAgB,EAAE,IAAI,CAAC,aAAa,CAAC,gBAAgB,IAClD,SAAS,EACZ,CAAC;AACL,CAAC"}

package/esm/lib/core/authorization/Event.d.ts

@@ -0,0 +1,12 @@
+type ListenerCallback<P> = (payload: P | undefined) => Promise<void> | void;
+export declare class Event<EventName extends string, Payload extends unknown> {
+    #private;
+    readonly name: EventName;
+    constructor(name: EventName);
+    addListener(callback: ListenerCallback<Payload>): () => void;
+    removeListener(callback: ListenerCallback<Payload>): void;
+    clearListeners(): void;
+    dispatch(payload?: Payload): Promise<void>;
+}
+export {};
+//# sourceMappingURL=Event.d.ts.map

package/esm/lib/core/authorization/Event.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"Event.d.ts","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/Event.ts"],"names":[],"mappings":"AAAA,KAAK,gBAAgB,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,GAAG,SAAS,KAAK,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;AAE5E,qBAAa,KAAK,CAAC,SAAS,SAAS,MAAM,EAAE,OAAO,SAAS,OAAO;;IAGtD,QAAQ,CAAC,IAAI,EAAE,SAAS;gBAAf,IAAI,EAAE,SAAS;IAEpC,WAAW,CAAC,QAAQ,EAAE,gBAAgB,CAAC,OAAO,CAAC;IAK/C,cAAc,CAAC,QAAQ,EAAE,gBAAgB,CAAC,OAAO,CAAC;IAIlD,cAAc;IAIR,QAAQ,CAAC,OAAO,CAAC,EAAE,OAAO;CAGjC"}

package/esm/lib/core/authorization/Event.js

@@ -0,0 +1,25 @@
+var _Event_callbacks;
+import { __awaiter, __classPrivateFieldGet, __classPrivateFieldSet } from "tslib";
+export class Event {
+    constructor(name) {
+        this.name = name;
+        _Event_callbacks.set(this, []);
+    }
+    addListener(callback) {
+        __classPrivateFieldGet(this, _Event_callbacks, "f").push(callback);
+        return () => this.removeListener(callback);
+    }
+    removeListener(callback) {
+        __classPrivateFieldSet(this, _Event_callbacks, __classPrivateFieldGet(this, _Event_callbacks, "f").filter((cb) => cb !== callback), "f");
+    }
+    clearListeners() {
+        __classPrivateFieldSet(this, _Event_callbacks, [], "f");
+    }
+    dispatch(payload) {
+        return __awaiter(this, void 0, void 0, function* () {
+            yield Promise.all(__classPrivateFieldGet(this, _Event_callbacks, "f").map((callback) => callback(payload)));
+        });
+    }
+}
+_Event_callbacks = new WeakMap();
+//# sourceMappingURL=Event.js.map

package/esm/lib/core/authorization/Event.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"Event.js","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/Event.ts"],"names":[],"mappings":";;AAEA,MAAM,OAAO,KAAK;IAGhB,YAAqB,IAAe;QAAf,SAAI,GAAJ,IAAI,CAAW;QAFpC,2BAA0C,EAAE,EAAC;IAEN,CAAC;IAExC,WAAW,CAAC,QAAmC;QAC7C,uBAAA,IAAI,wBAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC/B,OAAO,GAAG,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IAC7C,CAAC;IAED,cAAc,CAAC,QAAmC;QAChD,uBAAA,IAAI,oBAAc,uBAAA,IAAI,wBAAW,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,KAAK,QAAQ,CAAC,MAAA,CAAC;IACpE,CAAC;IAED,cAAc;QACZ,uBAAA,IAAI,oBAAc,EAAE,MAAA,CAAC;IACvB,CAAC;IAEK,QAAQ,CAAC,OAAiB;;YAC9B,MAAM,OAAO,CAAC,GAAG,CAAC,uBAAA,IAAI,wBAAW,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;QAC1E,CAAC;KAAA;CACF"}

package/esm/lib/core/authorization/RedirectTransport.d.ts

@@ -0,0 +1,14 @@
+import type IConfig from 'js-pkce/dist/IConfig';
+import type IObject from 'js-pkce/dist/IObject';
+export declare class RedirectTransport {
+    #private;
+    constructor(options: IConfig & {
+        /**
+         * Additional parameters to be included in the query string of the authorization request.
+         */
+        params?: IObject;
+    });
+    send(): void;
+    getToken(): Promise<import("js-pkce/dist/ITokenResponse").default | undefined>;
+}
+//# sourceMappingURL=RedirectTransport.d.ts.map

package/esm/lib/core/authorization/RedirectTransport.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"RedirectTransport.d.ts","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/RedirectTransport.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,OAAO,MAAM,sBAAsB,CAAC;AAChD,OAAO,KAAK,OAAO,MAAM,sBAAsB,CAAC;AAEhD,qBAAa,iBAAiB;;gBAM1B,OAAO,EAAE,OAAO,GAAG;QACjB;;WAEG;QACH,MAAM,CAAC,EAAE,OAAO,CAAC;KAClB;IAWH,IAAI;IAIE,QAAQ;CAiBf"}

package/esm/lib/core/authorization/RedirectTransport.js

@@ -0,0 +1,37 @@
+var _RedirectTransport_pkce, _RedirectTransport_params;
+import { __awaiter, __classPrivateFieldGet, __classPrivateFieldSet, __rest } from "tslib";
+import PKCE from 'js-pkce';
+export class RedirectTransport {
+    constructor(options) {
+        _RedirectTransport_pkce.set(this, void 0);
+        _RedirectTransport_params.set(this, {});
+        const { params } = options, config = __rest(options, ["params"]);
+        __classPrivateFieldSet(this, _RedirectTransport_pkce, new PKCE(Object.assign({}, config)), "f");
+        __classPrivateFieldSet(this, _RedirectTransport_params, Object.assign({}, params), "f");
+    }
+    send() {
+        window.location.replace(__classPrivateFieldGet(this, _RedirectTransport_pkce, "f").authorizeUrl(__classPrivateFieldGet(this, _RedirectTransport_params, "f")));
+    }
+    getToken() {
+        return __awaiter(this, void 0, void 0, function* () {
+            const url = new URL(window.location.href);
+            const params = new URLSearchParams(url.search);
+            if (!params.get('code'))
+                return undefined;
+            const response = yield __classPrivateFieldGet(this, _RedirectTransport_pkce, "f").exchangeForAccessToken(url.toString());
+            params.delete('code');
+            params.delete('state');
+            url.search = params.toString();
+            /**
+             * Resets js-pkce state
+             * @see https://github.com/bpedroza/js-pkce/blob/master/src/PKCE.ts
+             */
+            sessionStorage.removeItem('pkce_state');
+            sessionStorage.removeItem('pkce_code_verifier');
+            window.location.replace(url);
+            return response;
+        });
+    }
+}
+_RedirectTransport_pkce = new WeakMap(), _RedirectTransport_params = new WeakMap();
+//# sourceMappingURL=RedirectTransport.js.map

package/esm/lib/core/authorization/RedirectTransport.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"RedirectTransport.js","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/RedirectTransport.ts"],"names":[],"mappings":";;AAAA,OAAO,IAAI,MAAM,SAAS,CAAC;AAI3B,MAAM,OAAO,iBAAiB;IAK5B,YACE,OAKC;QAVH,0CAAY;QAEZ,oCAAmB,EAAE,EAAC;QAUpB,MAAM,EAAE,MAAM,KAAgB,OAAO,EAAlB,MAAM,UAAK,OAAO,EAA/B,UAAqB,CAAU,CAAC;QACtC,uBAAA,IAAI,2BAAS,IAAI,IAAI,mBAChB,MAAM,EACT,MAAA,CAAC;QACH,uBAAA,IAAI,+CACC,MAAM,OACV,CAAC;IACJ,CAAC;IAED,IAAI;QACF,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,uBAAA,IAAI,+BAAM,CAAC,YAAY,CAAC,uBAAA,IAAI,iCAAQ,CAAC,CAAC,CAAC;IACjE,CAAC;IAEK,QAAQ;;YACZ,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YAC1C,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YAC/C,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC;gBAAE,OAAO,SAAS,CAAC;YAC1C,MAAM,QAAQ,GAAG,MAAM,uBAAA,IAAI,+BAAM,CAAC,sBAAsB,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;YACzE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;YACtB,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACvB,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAC;YAC/B;;;eAGG;YACH,cAAc,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;YACxC,cAAc,CAAC,UAAU,CAAC,oBAAoB,CAAC,CAAC;YAChD,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YAC7B,OAAO,QAAQ,CAAC;QAClB,CAAC;KAAA;CACF"}

package/esm/lib/core/authorization/TokenLookup.d.ts

@@ -0,0 +1,12 @@
+import { Token } from '../../services/auth/index.js';
+import { AuthorizationManager } from './AuthorizationManager.js';
+export declare class TokenLookup {
+    #private;
+    constructor(options: {
+        manager: AuthorizationManager;
+    });
+    get auth(): Token | null;
+    get transfer(): Token | null;
+    get flows(): Token | null;
+}
+//# sourceMappingURL=TokenLookup.d.ts.map

package/esm/lib/core/authorization/TokenLookup.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"TokenLookup.d.ts","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/TokenLookup.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,EAAU,MAAM,8BAA8B,CAAC;AAG7D,OAAO,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AAEjE,qBAAa,WAAW;;gBAGV,OAAO,EAAE;QAAE,OAAO,EAAE,oBAAoB,CAAA;KAAE;IAWtD,IAAI,IAAI,IAAI,KAAK,GAAG,IAAI,CAEvB;IAED,IAAI,QAAQ,IAAI,KAAK,GAAG,IAAI,CAE3B;IAED,IAAI,KAAK,IAAI,KAAK,GAAG,IAAI,CAExB;CACF"}

package/esm/lib/core/authorization/TokenLookup.js

@@ -0,0 +1,27 @@
+var _TokenLookup_instances, _TokenLookup_manager, _TokenLookup_getTokenForService;
+import { __classPrivateFieldGet, __classPrivateFieldSet } from "tslib";
+import { getStorage } from '../storage/index.js';
+import { CONFIG } from '../../services/auth/index.js';
+export class TokenLookup {
+    constructor(options) {
+        _TokenLookup_instances.add(this);
+        _TokenLookup_manager.set(this, void 0);
+        __classPrivateFieldSet(this, _TokenLookup_manager, options.manager, "f");
+    }
+    get auth() {
+        return __classPrivateFieldGet(this, _TokenLookup_instances, "m", _TokenLookup_getTokenForService).call(this, 'AUTH');
+    }
+    get transfer() {
+        return __classPrivateFieldGet(this, _TokenLookup_instances, "m", _TokenLookup_getTokenForService).call(this, 'TRANSFER');
+    }
+    get flows() {
+        return __classPrivateFieldGet(this, _TokenLookup_instances, "m", _TokenLookup_getTokenForService).call(this, 'FLOWS');
+    }
+}
+_TokenLookup_manager = new WeakMap(), _TokenLookup_instances = new WeakSet(), _TokenLookup_getTokenForService = function _TokenLookup_getTokenForService(service) {
+    var _a;
+    const resourceServer = (_a = CONFIG.RESOURCE_SERVERS) === null || _a === void 0 ? void 0 : _a[service];
+    const raw = getStorage().get(`${__classPrivateFieldGet(this, _TokenLookup_manager, "f").configuration.client_id}:${resourceServer}`) || 'null';
+    return JSON.parse(raw);
+};
+//# sourceMappingURL=TokenLookup.js.map

package/esm/lib/core/authorization/TokenLookup.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"TokenLookup.js","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/TokenLookup.ts"],"names":[],"mappings":";;AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AACjD,OAAO,EAAS,MAAM,EAAE,MAAM,8BAA8B,CAAC;AAK7D,MAAM,OAAO,WAAW;IAGtB,YAAY,OAA0C;;QAFtD,uCAA+B;QAG7B,uBAAA,IAAI,wBAAY,OAAO,CAAC,OAAO,MAAA,CAAC;IAClC,CAAC;IASD,IAAI,IAAI;QACN,OAAO,uBAAA,IAAI,+DAAoB,MAAxB,IAAI,EAAqB,MAAM,CAAC,CAAC;IAC1C,CAAC;IAED,IAAI,QAAQ;QACV,OAAO,uBAAA,IAAI,+DAAoB,MAAxB,IAAI,EAAqB,UAAU,CAAC,CAAC;IAC9C,CAAC;IAED,IAAI,KAAK;QACP,OAAO,uBAAA,IAAI,+DAAoB,MAAxB,IAAI,EAAqB,OAAO,CAAC,CAAC;IAC3C,CAAC;CACF;yJAlBqB,OAAwD;;IAC1E,MAAM,cAAc,GAAG,MAAA,MAAM,CAAC,gBAAgB,0CAAG,OAAO,CAAC,CAAC;IAC1D,MAAM,GAAG,GACP,UAAU,EAAE,CAAC,GAAG,CAAC,GAAG,uBAAA,IAAI,4BAAS,CAAC,aAAa,CAAC,SAAS,IAAI,cAAc,EAAE,CAAC,IAAI,MAAM,CAAC;IAC3F,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;AACzB,CAAC"}

package/esm/lib/core/authorization/index.d.ts

@@ -0,0 +1,13 @@
+import { AuthorizationManager, type AuthorizationManagerConfiguration } from './AuthorizationManager.js';
+import * as tokens from './tokens.js';
+export * as tokens from './tokens.js';
+/**
+ * @deprecated This will be removed in a future release. Use an instance of the AuthorizationManager instead.
+ */
+export declare const getTokenForScope: typeof tokens.getTokenForScope;
+/**
+ * Create an instance of the AuthorizationManager.
+ * @experimental
+ */
+export declare function create(configuration: AuthorizationManagerConfiguration): AuthorizationManager;
+//# sourceMappingURL=index.d.ts.map

package/esm/lib/core/authorization/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,oBAAoB,EACpB,KAAK,iCAAiC,EACvC,MAAM,2BAA2B,CAAC;AAEnC,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AAEtC,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AACtC;;GAEG;AACH,eAAO,MAAQ,gBAAgB,gCAAW,CAAC;AAE3C;;;GAGG;AACH,wBAAgB,MAAM,CAAC,aAAa,EAAE,iCAAiC,wBAEtE"}

package/esm/lib/core/authorization/index.js

@@ -0,0 +1,15 @@
+import { AuthorizationManager, } from './AuthorizationManager.js';
+import * as tokens from './tokens.js';
+export * as tokens from './tokens.js';
+/**
+ * @deprecated This will be removed in a future release. Use an instance of the AuthorizationManager instead.
+ */
+export const { getTokenForScope } = tokens;
+/**
+ * Create an instance of the AuthorizationManager.
+ * @experimental
+ */
+export function create(configuration) {
+    return new AuthorizationManager(configuration);
+}
+//# sourceMappingURL=index.js.map

package/esm/lib/core/authorization/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,oBAAoB,GAErB,MAAM,2BAA2B,CAAC;AAEnC,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AAEtC,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AACtC;;GAEG;AACH,MAAM,CAAC,MAAM,EAAE,gBAAgB,EAAE,GAAG,MAAM,CAAC;AAE3C;;;GAGG;AACH,MAAM,UAAU,MAAM,CAAC,aAAgD;IACrE,OAAO,IAAI,oBAAoB,CAAC,aAAa,CAAC,CAAC;AACjD,CAAC"}

package/esm/lib/core/authorization/tokens.d.ts

@@ -0,0 +1,7 @@
+/**
+ * Obtain the token string for the given scope.
+ * @param scope The scope string that will be used to look up the token.
+ * @returns The token string for the given scope or null if no token is found.
+ */
+export declare function getTokenForScope(scope: string): string | null;
+//# sourceMappingURL=tokens.d.ts.map

package/esm/lib/core/authorization/tokens.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"tokens.d.ts","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/tokens.ts"],"names":[],"mappings":"AASA;;;;GAIG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,iBAO7C"}

package/esm/lib/core/authorization/tokens.js

@@ -0,0 +1,19 @@
+import { getStorage } from '../storage/index.js';
+function isValidToken(check) {
+    const maybe = check;
+    return Boolean(maybe.token_type && maybe.access_token);
+}
+/**
+ * Obtain the token string for the given scope.
+ * @param scope The scope string that will be used to look up the token.
+ * @returns The token string for the given scope or null if no token is found.
+ */
+export function getTokenForScope(scope) {
+    const storageValue = getStorage().get(scope);
+    const token = storageValue ? JSON.parse(storageValue) : null;
+    if (!token || !isValidToken(token)) {
+        return null;
+    }
+    return `${token.token_type} ${token.access_token}`;
+}
+//# sourceMappingURL=tokens.js.map

package/esm/lib/core/authorization/tokens.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"tokens.js","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/tokens.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAEjD,SAAS,YAAY,CAAC,KAAc;IAClC,MAAM,KAAK,GAAG,KAAc,CAAC;IAC7B,OAAO,OAAO,CAAC,KAAK,CAAC,UAAU,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;AACzD,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAa;IAC5C,MAAM,YAAY,GAAG,UAAU,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAC7C,MAAM,KAAK,GAAG,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAC7D,IAAI,CAAC,KAAK,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC;QACnC,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,GAAG,KAAK,CAAC,UAAU,IAAI,KAAK,CAAC,YAAY,EAAE,CAAC;AACrD,CAAC"}

package/esm/lib/core/errors.d.ts

@@ -2,4 +2,25 @@ export declare class EnvironmentConfigurationError extends Error {
     name: string;
     constructor(variable: string, value: unknown);
 }
+export type WellFormedError = {
+    code: string;
+    message: string;
+};
+export declare function isErrorWellFormed(test: unknown): test is WellFormedError;
+export type ConsentRequiredError = {
+    code: 'ConsentRequired';
+    required_scopes: string[];
+    [key: string]: unknown;
+};
+export declare function isConsentRequiredError(test: unknown): test is ConsentRequiredError;
+export type AuthorizationRequirementsError = {
+    authorization_parameters: {
+        session_message: string;
+        session_required_identities: string[];
+        session_required_mfa: boolean;
+        session_required_single_domain: string[];
+    };
+    [key: string]: unknown;
+};
+export declare function isAuthorizationRequirementsError(test: unknown): test is AuthorizationRequirementsError;
 //# sourceMappingURL=errors.d.ts.map

package/esm/lib/core/errors.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../../../src/lib/core/errors.ts"],"names":[],"mappings":"AAAA,qBAAa,6BAA8B,SAAQ,KAAK;IAC7C,IAAI,SAAmC;gBAEpC,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO;CAK7C"}
+{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../../../src/lib/core/errors.ts"],"names":[],"mappings":"AAAA,qBAAa,6BAA8B,SAAQ,KAAK;IAC7C,IAAI,SAAmC;gBAEpC,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO;CAK7C;AAED,MAAM,MAAM,eAAe,GAAG;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,OAAO,GAAG,IAAI,IAAI,eAAe,CAExE;AAED,MAAM,MAAM,oBAAoB,GAAG;IACjC,IAAI,EAAE,iBAAiB,CAAC;IACxB,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC;AAEF,wBAAgB,sBAAsB,CAAC,IAAI,EAAE,OAAO,GAAG,IAAI,IAAI,oBAAoB,CAOlF;AAED,MAAM,MAAM,8BAA8B,GAAG;IAC3C,wBAAwB,EAAE;QACxB,eAAe,EAAE,MAAM,CAAC;QACxB,2BAA2B,EAAE,MAAM,EAAE,CAAC;QACtC,oBAAoB,EAAE,OAAO,CAAC;QAC9B,8BAA8B,EAAE,MAAM,EAAE,CAAC;KAC1C,CAAC;IACF,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC;AAEF,wBAAgB,gCAAgC,CAC9C,IAAI,EAAE,OAAO,GACZ,IAAI,IAAI,8BAA8B,CAOxC"}

package/esm/lib/core/errors.js

@@ -6,4 +6,19 @@ export class EnvironmentConfigurationError extends Error {
         this.message = `Invalid configuration value provided for ${variable} (${value}).`;
     }
 }
+export function isErrorWellFormed(test) {
+    return typeof test === 'object' && test !== null && 'code' in test && 'message' in test;
+}
+export function isConsentRequiredError(test) {
+    return (isErrorWellFormed(test) &&
+        test.code === 'ConsentRequired' &&
+        'required_scopes' in test &&
+        Array.isArray(test.required_scopes));
+}
+export function isAuthorizationRequirementsError(test) {
+    return (isErrorWellFormed(test) &&
+        'authorization_parameters' in test &&
+        typeof test.authorization_parameters === 'object' &&
+        test.authorization_parameters !== null);
+}
 //# sourceMappingURL=errors.js.map

package/esm/lib/core/errors.js.map

@@ -1 +1 @@
-{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../../../src/lib/core/errors.ts"],"names":[],"mappings":"AAAA,MAAM,OAAO,6BAA8B,SAAQ,KAAK;IAGtD,YAAY,QAAgB,EAAE,KAAc;QAC1C,KAAK,EAAE,CAAC;QAHD,SAAI,GAAG,+BAA+B,CAAC;QAI9C,4EAA4E;QAC5E,IAAI,CAAC,OAAO,GAAG,4CAA4C,QAAQ,KAAK,KAAK,IAAI,CAAC;IACpF,CAAC;CACF"}
+{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../../../src/lib/core/errors.ts"],"names":[],"mappings":"AAAA,MAAM,OAAO,6BAA8B,SAAQ,KAAK;IAGtD,YAAY,QAAgB,EAAE,KAAc;QAC1C,KAAK,EAAE,CAAC;QAHD,SAAI,GAAG,+BAA+B,CAAC;QAI9C,4EAA4E;QAC5E,IAAI,CAAC,OAAO,GAAG,4CAA4C,QAAQ,KAAK,KAAK,IAAI,CAAC;IACpF,CAAC;CACF;AAOD,MAAM,UAAU,iBAAiB,CAAC,IAAa;IAC7C,OAAO,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,IAAI,MAAM,IAAI,IAAI,IAAI,SAAS,IAAI,IAAI,CAAC;AAC1F,CAAC;AAQD,MAAM,UAAU,sBAAsB,CAAC,IAAa;IAClD,OAAO,CACL,iBAAiB,CAAC,IAAI,CAAC;QACvB,IAAI,CAAC,IAAI,KAAK,iBAAiB;QAC/B,iBAAiB,IAAI,IAAI;QACzB,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,CACpC,CAAC;AACJ,CAAC;AAYD,MAAM,UAAU,gCAAgC,CAC9C,IAAa;IAEb,OAAO,CACL,iBAAiB,CAAC,IAAI,CAAC;QACvB,0BAA0B,IAAI,IAAI;QAClC,OAAO,IAAI,CAAC,wBAAwB,KAAK,QAAQ;QACjD,IAAI,CAAC,wBAAwB,KAAK,IAAI,CACvC,CAAC;AACJ,CAAC"}

package/esm/lib/core/global.d.ts

@@ -40,6 +40,7 @@ export declare function getSDKOptions(options?: SDKOptions): {
             keepalive?: boolean | undefined;
             method?: string | undefined;
             mode?: RequestMode | undefined;
+            priority?: RequestPriority | undefined;
             redirect?: RequestRedirect | undefined;
             referrer?: string | undefined;
             referrerPolicy?: ReferrerPolicy | undefined;
@@ -64,5 +65,6 @@ export declare function getVerifySSL(): boolean;
  * Handlers for: GLOBUS_SDK_HTTP_TIMEOUT
  */
 export declare function getHttpTimeout(): number | null;
+export declare function getServiceHost(service: Service, environment?: Environment): string | undefined;
 export declare function getServiceBaseUrl(service: Service, environment?: Environment): string | undefined;
 //# sourceMappingURL=global.d.ts.map

package/esm/lib/core/global.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"global.d.ts","sourceRoot":"","sources":["../../../../src/lib/core/global.ts"],"names":[],"mappings":"AAQA,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAwBlD;;GAEG;AACH,eAAO,MAAM,YAAY;;;;;;;CAOf,CAAC;AAEX,MAAM,MAAM,WAAW,GAAG,CAAC,OAAO,YAAY,CAAC,CAAC,MAAM,OAAO,YAAY,CAAC,CAAC;AAE3E,wBAAgB,cAAc,IAAI,WAAW,CAM5C;AAED,eAAO,MAAM,QAAQ;;;;;;;CAOpB,CAAC;AAEF,MAAM,MAAM,OAAO,GAAG,MAAM,OAAO,QAAQ,CAAC;AAE5C,eAAO,MAAM,aAAa,EAAE,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC,CAO/E,CAAC;AAEF;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,OAAO,CAAC,EAAE,UAAU;;;;;;;;;;;;;;;;;;;;;;EAqBjD;AAED;;;;;;;;GAQG;AACH,wBAAgB,YAAY,IAAI,OAAO,CAQtC;AAED;;GAEG;AACH,wBAAgB,cAAc,kBAM7B;AAMD,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,OAAO,EAAE,WAAW,GAAE,WAA8B,sBAG9F"}
+{"version":3,"file":"global.d.ts","sourceRoot":"","sources":["../../../../src/lib/core/global.ts"],"names":[],"mappings":"AAQA,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAwBlD;;GAEG;AACH,eAAO,MAAM,YAAY;;;;;;;CAOf,CAAC;AAEX,MAAM,MAAM,WAAW,GAAG,CAAC,OAAO,YAAY,CAAC,CAAC,MAAM,OAAO,YAAY,CAAC,CAAC;AAE3E,wBAAgB,cAAc,IAAI,WAAW,CAM5C;AAED,eAAO,MAAM,QAAQ;;;;;;;CAOpB,CAAC;AAEF,MAAM,MAAM,OAAO,GAAG,MAAM,OAAO,QAAQ,CAAC;AAE5C,eAAO,MAAM,aAAa,EAAE,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC,CAO/E,CAAC;AAEF;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,OAAO,CAAC,EAAE,UAAU;;;;;;;;;;;;;;;;;;;;;;;EAqBjD;AAED;;;;;;;;GAQG;AACH,wBAAgB,YAAY,IAAI,OAAO,CAQtC;AAED;;GAEG;AACH,wBAAgB,cAAc,kBAM7B;AAED,wBAAgB,cAAc,CAAC,OAAO,EAAE,OAAO,EAAE,WAAW,GAAE,WAA8B,sBAE3F;AAED,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,OAAO,EAAE,WAAW,GAAE,WAA8B,sBAG9F"}